commit
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes the system git binary to perform repository operations including status checks, diffing, and committing changes.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it incorporates untrusted data from the repository's file diffs into its decision-making process.
  - Ingestion points: Data enters the agent context via git status and git diff outputs as described in the 'Process' section of SKILL.md.
  - Boundary markers: There are no defined delimiters or instructions to ignore embedded commands within the diff content being analyzed.
  - Capability inventory: The skill has the capability to execute shell commands (git) and create commits.
  - Sanitization: No sanitization or filtering logic is present to ensure that content within the diffs does not manipulate the agent's commit message generation or logic.